By Jim
Updated on Wednesday, January 27th, 2010
Live Enterprise Suite is a fake anti-spyware which proliferates through trojans and fake online scanners. Its main objective is to dupe you into buying a so-called “full” or “premium” version bearing the same name. In reality, Live Enterprise Suite is a scam – one that can cause grave disruptions to your computer-related tasks.
If Live Enterprise Suite manages to enter your system, it will target your Windows system’s most crucial features. For instance, it will disable the Task Manager, so as to prevent you from stopping whatever processes are aiding its activities. It will also interrupt your GUI navigation by rendering the Explorer.exe useless.
To catch your attention, it will run fake scans and notify you of the the presence of malware threats. It won’t mention itself among those threats of course. Live Enterprise Suite will keep on promoting its “full version” in all of its notifications if you ever interact with it. That’s why it is strongly suggested that you avoid interacting with its user interface as much as possible.
If you want to avoid getting fooled into buying a restless piece of rogue software or if you want to keep your credit card information intact, read our Live Enterprise Suite removal instructions below.
Symptoms Of Infection
- Your computer is acting slow. Live Enterprise Suite slow down your system significantly. This includes starting up, shutting down, playing games, and surfing the web.
- You are getting pestered with pop ups. Live Enterprise Suite infects your registry and uses it to launch annoying pop up ads out of nowhere.
- Searches are redirected or your homepage and desktop are settings are changed. This is a symptom of a very serious Live Enterprise Suite infection.
Dangers Of Infection
Viruses like Live Enterprise Suite will infect your registry and other important system files. If the infection is not treated it can cause a complete collapse of your system.
Some Live Enterprise Suite infections contain spyware and keyloggers which can be used to record sensitive data like passwords, credit card, bank account, and social security numbers. The longer you allow the infection to fester, the greater the chance of identity fraud.
How To Remove Infection Manually
Uninstall Live Enterprise Suite Processes
winlogon.exe
services.exe
atbyin.exe
[random path]char.exe
IAPro.exe
Delete Live Enterprise Suite Files
%UserProfile%\Application Data\Live Enterprise Suite\settings.ini
%UserProfile%\Application Data\Live Enterprise Suite\uill.ini
%UserProfile%\Application Data\Live Enterprise Suite\unins000.exe
%UserProfile%\Application Data\Live Enterprise Suite\updateloadlist.ini
%UserProfile%\Application Data\Live Enterprise Suite\db
%UserProfile%\Application Data\Live Enterprise Suite\db\config.cfg
%UserProfile%\Application Data\Live Enterprise Suite\db\Timeout.inf
%UserProfile%\Application Data\Live Enterprise Suite\db\Urls.inf
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Antivirus Pro.lnk
%UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
%UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
%UserProfile%\My Documents\My Pictures\atbyin.exe
c:\Program Files\Common Files\[random path]char.exe
c:\Program Files\Common Files\[random path]calc.exe
c:\Program Files\Internet Antivirus Pro
c:\Program Files\Internet Antivirus Pro\activate.ico
c:\Program Files\Internet Antivirus Pro\Explorer.ico
c:\Program Files\Internet Antivirus Pro\IAPro.exe
c:\Program Files\Internet Antivirus Pro\unins000.dat
c:\Program Files\Internet Antivirus Pro\uninstall.ico
c:\Program Files\Internet Antivirus Pro\working.log
c:\Program Files\Internet Antivirus Pro\db
c:\Program Files\Internet Antivirus Pro\db\DBInfo.ver
c:\Program Files\Internet Antivirus Pro\db\ia080614.db
c:\Program Files\Internet Antivirus Pro\db\lists.ini
c:\Program Files\Internet Antivirus Pro\db\WMILib.dll
c:\Program Files\Internet Antivirus Pro\Languages
c:\Program Files\Internet Antivirus Pro\Languages\IAEs.lng
c:\Program Files\Internet Antivirus Pro\Languages\IAFr.lng
c:\Program Files\Internet Antivirus Pro\Languages\IAGer.lng
c:\Program Files\Internet Antivirus Pro\Languages\IAIt.lng
c:\WINDOWS\system32\[random path].dll
c:\WINDOWS\system32\[random path].dll
c:\Documents and Settings\All Users\Desktop\Internet Antivirus Pro.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro
c:\Documents and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro\Internet Antivirus Pro Home Page.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro\Internet Antivirus Pro.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro\Purchase License.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\Internet Antivirus Pro\Uninstall Internet Antivirus Pro.lnk
Remove Live Enterprise Suite Registry Files
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “RealDebugger”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\567 1.4.2.0_is1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Enterprise Suite_is1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_HTGRDENGINE
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\HTGrdEngine
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_HTGRDENGINE
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTGrdEngine
HKEY_CURRENT_USER\Software\Microsoft\FTP “SearchDir” = “c:\program files\Internet Antivirus Pro\”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run “[random]”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Live Enterprise Suite”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Microsoft Windows logon process” HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION “svchost.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent “URIAPRO[]”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent “URIAPRO[]”
Popular Search Terms
Remove Live Enterprise Suite
Delete Live Enterprise Suite
Uninstall Live Enterprise Suite
How to get rid of Live Enterprise Suite
How to remove Live Enterprise Suite
Live Enterprise Suite removal
Remove LiveEnterpriseSuite
LiveEnterpriseSuite removal
Live-Enterprise-Suite
Warning! If Spyware Doctor is blocked by the virus then run your system in safe mode and try again. To do this reboot your system and tap F8 repeatedly as your computer starts up. Then run Spyware Doctor as normal.
Posted under Fake Antispyware | No Comments
